webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-10 19:15:54 +02:00
Code Issues Packages Projects Releases Wiki Activity
12,711 Commits 2 Branches 1 Tag
1e2b25778909f3e64bdbe67ec81fa5937940a594
Commit Graph

293 Commits

Author SHA1 Message Date
Michael Tremer
f9dd134645 ipsec-interfaces: Resolve any remote hostnames 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-04 18:20:36 +00:00
Michael Tremer
d985ce5ae9 ipsec-interfaces: Move conditional block into the loop 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-04 18:20:36 +00:00
Michael Tremer
517683eeb1 ipsec: Drop VPN_IP setting 
This is now a per-connection setting

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-04 18:20:36 +00:00
Michael Tremer
6826364580 ipsec-*: Name some more configuration variables 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-04 18:20:36 +00:00
Michael Tremer
1ca2f88a74 ipsec-interfaces: Uses local IP address from connection first, then default 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-04 18:20:36 +00:00
Michael Tremer
c94aa25475 ipsec-interfaces: Fix typo in variable name 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-04 18:20:36 +00:00
Michael Tremer
c821440ced ipsec: Filter better for GRE/VTI interfaces 
This tried to delete the GREEN interface before

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-04 18:20:36 +00:00
Michael Tremer
6a45a1f101 ipsec: TTL only applies for GRE interfaces and not VTI 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-04 18:20:36 +00:00
Michael Tremer
54bac01402 ipsec: Find correct RED IP address when using %defaultroute 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-04 18:20:36 +00:00
Michael Tremer
3dc21d43bf ipsec: Log a message when an interface could not be created 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-04 18:20:36 +00:00
Michael Tremer
1a45f9a70a ipsec-interfaces: Don't add any interfaces when IPsec is disabled 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-04 18:20:36 +00:00
Michael Tremer
a56357b8be Revert "ipsec-interfaces: Run when IPsec is disabled" 
This reverts commit 3c3a1cfdb9b473fae9b792e8c211c9940fafc658.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-04 18:20:36 +00:00
Michael Tremer
4cf038dcfe ipsec-interfaces: Run when IPsec is disabled 
This needs to run even when IPsec is disable to remove
and interfaces

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-04 18:20:36 +00:00
Michael Tremer
05af70c2f3 ipsec-interfaces: Use correct righthost variable 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-04 18:20:36 +00:00
Michael Tremer
b8c153bca5 IPsec: Add (experimental) script that creates GRE/VTI interfaces 
Signed-off-by: root <root@interim-edge-a.ec2.internal>
 2019-02-04 18:20:36 +00:00
Peter Müller
d38e7e256d use HTTPS for downloading GeoIP database files 
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-01-21 21:03:38 +00:00
Arne Fitzenreiter
271bac39a0 xt_geoip_updte: fix download url 
the maxmind server delivers an old version if there are
two slashes before the database filename.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-01-19 15:16:43 +01:00
Stefan Schantl
b76a8a008d xt_geoip_update: Adjust script to download and use the GeoLite2 database 
Fixes #11961.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-01-07 01:21:01 +00:00
Stefan Schantl
a77870146f xtables-addons: Use shipped xt_geoip_build 
Use the shipped xt_geoip_build directly instead of holding a copy in our GIT.

Reference #11959

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-01-07 01:20:22 +00:00
Michael Tremer
492b0b7c18 backupiso: Add support for aarch64 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-11-08 16:02:17 +00:00
Michael Tremer
8a0bc03450 backupiso: Fix order of variables 
Some values in variables were corrected but used before.

Reported-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-11-08 15:58:58 +00:00
Arne Fitzenreiter
6104f2e816 backupiso: fix boot on EFI 
the grub on EFI serch the config on volume "IPFire 2.21 arch"
so the custom "ipfire backup ..." volume name is not working
anymore.
This is now fixed and a backup-version.media tag will added.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-11-07 19:16:57 +01:00
Arne Fitzenreiter
84902aa499 backup: fix backupiso mastering 
fixes: #11916

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-11-04 10:16:26 +01:00
Arne Fitzenreiter
ca9c45b3f2 graphs: add NVMe disks 
Add NVMe disks to media and hardwaregraphs.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-10-28 17:56:37 +01:00
Arne Fitzenreiter
4eedf6793b rebuild-initrd: update for grub2 
this was was not used for years because we usually ship a prebuild ramdisk
so this incompatiblity was not noticed long time...

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-09-20 20:03:26 +02:00
Michael Tremer
046ef135e6 Merge remote-tracking branch 'origin/efi' into next 2018-08-16 12:49:13 +01:00
Arne Fitzenreiter
b403b04a13 initrd: add early microcode load 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-08-05 13:32:36 +02:00
Michael Tremer
f32cbd89d9 backup: Bump release number in ISO download script 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-08-03 13:07:31 +01:00
Michael Tremer
87589bce00 backup: Make backup ISO bootable on EFI 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-07-31 16:36:09 +01:00
Michael Tremer
befc040497 Move update-bootloader script into installer 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-07-20 12:03:09 +00:00
Michael Tremer
eadde44b05 update-bootloader: Allow passing device to install GRUB on 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-07-20 12:03:09 +00:00
Michael Tremer
c1397b7ab3 update-bootloader: Extend script to support EFI 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-07-20 12:03:09 +00:00
Michael Tremer
3ed1c621cf Revert "Add Intel microcode updates from Jan 2018" 
This reverts commit d404b1dba2.

Intel has pulled these microcode updates because of
random system reboots and systems becoming unstable.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-01-24 16:08:22 +00:00
Jonatan Schlag
d404b1dba2 Add Intel microcode updates from Jan 2018 
Add intel microcode to the distribution and configure dracut in a way
that the microcode is loaded early in the boot process.

Fixes #11590

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Acknowledged-by: Arne Fitzenreiter <arne.fitzenreiter@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-01-14 15:25:08 +00:00
Arne Fitzenreiter
9064ba72fe drop httpscert and merge to apache initskript 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2017-10-22 15:50:38 +02:00
Peter Müller
5760f93a74 generate ECDSA key on existing installations 
Generate ECDSA key (and sign it) in case it does not exist. That way,
httpscert can be ran on existing installations without breaking already
generated (RSA) keys.

Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-10-11 20:05:34 +01:00
Michael Tremer
6772cc8035 Download ISO images from https://downloads.ipfire.org 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-10-06 13:03:40 +01:00
Michael Tremer
cb40ff6027 captive portal: Reload firewall rules after cleanup 
This is not necessary to stop any clients from accessing the
Internet, but if we know that we don't need a line for certain
any more, we can as well remove the firewall rule straight away.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-10-05 12:09:58 +02:00
Michael Tremer
b1773d1a37 captive portal: Don't remove unlimited access after one hour 
Reported-by: Daniel Weismüller <daniel.weismueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-10-05 12:04:29 +02:00
Alexander Marx
07d56062a9 Captive-Portal: fix cleanup script 
The cleanup-script did not write back the hash after the expired voucher
was delted

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
 2017-09-22 18:54:45 +01:00
Alexander Marx
e01c5ab71a Captive-Portal: redesign Webinterface 
Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
 2017-09-22 18:54:03 +01:00
Alexander Marx
4d9002279f Captive-Portal: add crontab and cleanup scripts 
The cleanup script is called every hour and deletes expired clients from
the clients file.
every night the captivectrl warpper runs once to flush the chains and
reload rules for active clients

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
 2017-09-22 18:54:03 +01:00
Michael Tremer
3ddd5b66a9 Fix environment variables when building file list for core updates 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-05-24 12:20:12 +01:00
Michael Tremer
dc7d6b204d make.sh: Cleanup of polluted environment 
The build environment is using a number of variables which
occasionally conflicted with some other build systems.

This patch cleans that up by renaming some variables and
later unexporting them in the lfs files.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-05-18 12:02:03 +01:00
Matthias Fischer
a0a33a8f10 BUG11271 / GeoIP: Download GeoIP database via HTTPS 
For details see:
https://bugzilla.ipfire.org/show_bug.cgi?id=11271

Download GEoIP database per HTTPS download.

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-02-04 13:31:35 +00:00
Jonatan Schlag
b1b6e9f396 Fix the backup iso script once again. 
In commit 391560854f was an error in the
case statement. On i?586 the check fails. Removing the "" fixes the
error.

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-01-04 11:21:28 +00:00
Jonatan Schlag
391560854f Improvement of backup iso script 
The backup iso script did not check the arch of the host. On x86_64 host
the wrong iso was downloaded.

Furthermore, there were some if clauses which could cause trouble which
I also tried to improve.
(For example: -e is valid if we have a directory or a file, but we want
to check for a file only )

Fixes: 11258

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-01-02 19:12:14 +00:00
Arne Fitzenreiter
33513817fa set version to IPFire 2.19 core100 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2016-03-20 09:36:33 +01:00
Alexander Marx
1d47c971e6 BUG10834: fixes ovpn-ccd-convert 
When restoring an old backup, all OpenVPN RW's get the dynamic network.
 2015-05-06 16:18:00 +02:00
Stefan Schantl
e6c4f090b6 Merge branch 'next-geoip' into core-90-geoip 2015-04-15 17:10:49 +02:00